A decades-old Bluetooth flaw allows hackers to steal data that flows between devices



[ad_1]

A large number of device manufacturers are fixing a serious vulnerability in the Bluetooth specification that allows hackers to intercept and forge data exchanged wirelessly. People who use Bluetooth to connect smartphones, computers, or other security-sensitive devices should make sure to install a fix as soon as possible.

The attack, revealed in a research paper released on Wednesday, is serious as it allows people to perform a man-in-the-middle attack on the connection between vulnerable devices. From there, attackers can see all the data exchanged, which can include contacts stored on a device, pbadwords typed on a keyboard, or sensitive information used by medical equipment, point of sale or automobile. Attackers could also forge keystrokes on a bluetooth keyboard to open a command window or malicious website in an outright compromise of the phone or the connected computer.

Non-novel

Bluetooth badociates Simple Secure Pairing or LE Secure Connections with elliptical mathematical curve principles to allow devices that have never been connected before to safely establish a secret key needed for encrypted communications. The attack uses a new variant of what cryptographers call an invalid curve attack to exploit a major flaw in the Bluetooth protocol that has remained unknown for more than a decade. As a result, attackers can force devices to use a known encryption key that allows wireless monitoring and modification of data between them.

"This attack allows an attacker who can read and modify Bluetooth traffic during "Pairing to force the key to be something they know," said JP Smith, a security engineer and Bluetooth security expert at the security company Trail of Bits, told Ars. Is not mathematically / theoretically new at all, and it's actually about the simplest attack you can do on cryptosystems with elliptical curve. Notably, it is a protocol level error, so if you have implemented the bluetooth specification out of the book (without optional validation), you have this bug. "

The active man-in-the-middle attack that allows data to be changed successfully works on 50% of matches, the rest failing." An badociated pbadive attack works on 25% of matches. do not succeed at the first attempt are free to try subsequent pairings.The attacks work even when pairings require the user to enter a six-digit number displayed on one device in the other. attacks require specialized equipment that would probably not be difficult to build for the most advanced pirates.

In the document, researchers at the Israeli Technion-Institute of Technology write:

We would like to point out two major design flaws make our attack possible.The first design defect sends both the x coordinate and the y coordinate during the public key exchange This is unnecessary and strongly discouraged because it dramatically increases the attack surface, while calculating the y coordinate from an x ​​coordinate is simple.

The second major flaw is that the two coordinates of the public keys are sent during the second phase of the pairing, the protocol only authenticates the x coordinate. We are not aware of why the designers decided to leave the unauthenticated y coordinate, except to save a little computational effort. Even though the validity of the point should be verified by the implementation, our attack could also have been avoided if both coordinates were authenticated.

Another less significant defect is that protocol designers state that "To protect the private key of a device, should implement a method to prevent an attacker from retrieving useful information about the device's private key to the device." Using invalid public keys. To do this, a device can use one of the following methods. " In this quote, the specification uses the term "should" (as opposed to "must"). Therefore, implementors can ignore the statement because it is not mandatory for compliance with the specification.

A variety of devices and software – including those from macOS, iOS, Android, LG and Huawei – have already received patches. In an FAQ, the researchers said that Microsoft's Bluetooth "implements an old version of the standard, which is even less safe, rather than the broken contemporary standard." A CERT notice is here.

For attacks to succeed, both of the paired devices must be vulnerable. This means that as long as both are patched, the users are not sensitive. People who use Bluetooth to transmit sensitive data or control trusted devices should make sure to have patches installed on at least one of them. While patches are available for many consumer devices, there are probably many more specialized ones used in hospitals, stores, and other environments that will not be protected in the foreseeable future. Users of these devices should check with manufacturers.

[ad_2]
Source link